LJK/Security Reference Manual

Begin

Contents (summary)
Preface	Preface
Part	Overview
Chapter 1	Introduction
Chapter 2	Installing LJK/Security
Part	User Interfaces
Chapter 3	Window Interface
Chapter 4	Menu Interface
Chapter 5	Command Interface
Part	Tests
Chapter 6	LJK/Security Automatic Tests
Part	Site-Specific Customization
Chapter 7	Policy Modification
Chapter 8	Assessment Modification
Chapter 9	Using Program Call Interfaces
Chapter 10	Using LJK/Security With Removable Media
Chapter 11	Tips for Special Situations
Chapter 12	Answering Questions for Non-Automated Assessment Methods
Part	Appendices
Appendix A	Master Node Installation
Appendix B	Tributary Node Installation
Appendix C	Moving the Software
Appendix D	Demonstration
Appendix E	Other VMS Security Considerations
Appendix F	Files Created by LJK/Security
Appendix G	Bug Reports
Appendix H	Hints and Kinks
Appendix I	Use of Privilege by LJK/Security
Appendix J	Security of LJK/Security
Appendix K	Creating Policies Based on Examples
Appendix L	Sending LJK/Security Data Directly over TCP/IP
Appendix M	Quick Start Guide to NIST SP 800-53/800-53a Security Assessments
Appendix N	Quick Start Guide to PCI DSS Security Assessments
Appendix O	Quick Start Guide to DoD Instruction 8500.2 Vulnerability Assessments
Appendix P	Quick Start Guide to CNSS Security Assessments
	Glossary
	Index
	Figures
	Tables

Contents

Preface

Preface Preface

Part

Part Overview

Chapter 1

1 Introduction

     1.1     What LJK/Security Does

     1.2     What LJK/Security Does Not Do

     1.3     How LJK/Security is licensed

     1.4     Elements of the LJK/Security Control Structure

         1.4.1         Node

             1.4.1.1             Master Node

             1.4.1.2             Tributary Node

         1.4.2         Automated Tests

             1.4.2.1             Facility

             1.4.2.2             Element

             1.4.2.3             Constraint

         1.4.3         Non-Automated Methods

             1.4.3.1             Manual Examination

             1.4.3.2             Interview

             1.4.3.3             Invasive Testing

             1.4.3.4             Compensating Control

         1.4.4         Policy

             1.4.4.1             Disable

             1.4.4.2             Limit

             1.4.4.3             Exemption

         1.4.5         Assessment

Chapter 2

2 Installing LJK/Security

     2.1     Choosing the Master Node

     2.2     Installation on the Master Node

         2.2.1         Installation on the Master Node using VMSINSTAL.COM

     2.3     Installation on Tributary Nodes

         2.3.1         Installation on Tributary Nodes using VMSINSTAL.COM

     2.4     Starting Operation after a New Installation

         2.4.1         Temporarily Disabling Resource-Intensive Tests

         2.4.2         Testing against Mandated Standards

         2.4.3         Choice of Interface

Part

Part User Interfaces

Chapter 3

3 Window Interface

     3.1     Windowing Terminology

     3.2     Context Sensitive Help

     3.3     Using the Window Interface on a New Installation

         3.3.1         Starting LJK/Security

         3.3.2         Creating a Policy

         3.3.3         Adding an Exemption

         3.3.4         Creating an Assessment

         3.3.5         Running the Assessment

         3.3.6         Reviewing Assessment Results

     3.4     Overview of LJK/Security Pulldown Menus

         3.4.1         Main Window Menus

         3.4.2         Assessment Window Menus

         3.4.3         Policy Window Menus

         3.4.4         Result Window Menus

     3.5     Using the Window Interface for Day-to-Day Tasks

         3.5.1         Viewing Multiple Assessments

         3.5.2         Copying an entry to another assessment

         3.5.3         Removing an entry from an assessment

         3.5.4         Modification based on an assessment history record

         3.5.5         Examining an assessment entry

         3.5.6         Modifying policy values

             3.5.6.1             Boolean

             3.5.6.2             Scale

             3.5.6.3             Protection

             3.5.6.4             Privilege Level

         3.5.7         Modifying a policy disable

         3.5.8         Cutting a policy only removes exemptions

Chapter 4

4 Menu Interface

     4.1     How to Use the Menu Interface

     4.2     Using the Menu Interface on a New Installation

         4.2.1         Starting LJK/Security

         4.2.2         Creating a Policy

         4.2.3         Adding an Exemption

         4.2.4         Creating an Assessment

         4.2.5         Running the Assessment

         4.2.6         Reviewing Assessment Results

Chapter 5

5 Command Interface

     5.1     Command Summary

     5.2     Command Formats

     5.3     Name Formats

     5.4     Privileges Required to Invoke Commands

         5.4.1         Facility-specific identifiers

     5.5     Forcing Use of the Command Interface

     5.6     Using the Command Interface on a New Installation

         5.6.1         Preparing the Default Policy and Default Assessment

         5.6.2         Running the Default Assessment

     5.7     Detailed Specification of Individual Commands

    Command 1     ANSWER

    Command 2     ASSIGN

    Command 3     CANCEL

    Command 4     CREATE ASSESSMENT

    Command 5     CREATE POLICY

    Command 6     EXIT

    Command 7     HELP

    Command 8     KIT_BUILD

    Command 9     MODIFY ASSESSMENT

    Command 10     MODIFY POLICY

    Command 11     REMOTE

    Command 12     REMOVE

    Command 13     REPORT

    Command 14     RUN

    Command 15     SET PROGRESS

    Command 16     SET TEMPLATE

    Command 17     SHOW ASSESSMENT

    Command 18     SHOW NODES

    Command 19     SHOW POLICY

    Command 20     SHUTDOWN

    Command 21     STOP

Next